<?php

class UserController extends Controller
{
	/**
	 * @var string the default layout for the views. Defaults to '//layouts/column2', meaning
	 * using two-column layout. See 'protected/views/layouts/column2.php'.
	 */
	// public $layout='//layouts/column2';

	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function filters()
	{
		 return array(
		 	'accessControl', // perform access control for CRUD operations
		 	'projectContext + view',
		 	'postOnly + delete', // we only allow deletion via POST request
		 );
	}

 	public function filterProjectContext($filterChain)
    {
        $this->layout='//layouts/column2';
        $filterChain->run();
    }

	public function accessRules()
	{
		$accessRules = array(
			array('allow',  // allow all users to perform 'index' and 'view' actions
				'actions'=>array('login','logout'),
				'users'=>array('*'),
			),
		);
		$admin = User::model()->getAdminInfo();
		$superadmin = User::model()->getSuperAdminInfo();
		foreach ($admin as $value) {
			$accessRules[] = array('allow', // allow admin user to perform 'admin','create','update','delete' actions
				'actions'=>array('view','update'),
				'users'=>array($value->username));
		}
		foreach ($superadmin as $value) {
			$accessRules[] = array('allow', // allow superadmin user to perform 'admin','create','update','delete' actions
				'actions'=>array('index','view','admin','create','update','delete'),
				'users'=>array($value->username));
		}
		//Quan trọng phần deny này phải ở cuối cùng của arrary acccessRules
		$accessRules[] = array('deny',  // deny all users
					'users'=>array('*'),
				);
		return $accessRules;
	}
	/**
	 * Displays a particular model.
	 * @param integer $id the ID of the model to be displayed
	 */
	public function actionView($id)
	{
        $this->layout='//layouts/column2';
		$loadModel = $this->loadModel($id);
		$this->render('view',array(
			'model'=>$this->loadModel($id),
		));
	}

	/**
	 * Creates a new model.
	 * If creation is successful, the browser will be redirected to the 'view' page.
	 */
	public function actionCreate()
	{
		$model=new User;

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['User']))
		{
			$model->attributes=$_POST['User'];
			$model->password = md5($model->password);
			$model->password_repeat = md5($model->password_repeat);
			// $password = md5($model->password);
			// print_r($model);exit();
			if($model->save())
				$this->redirect(array('view','id'=>$model->id));
		}

		$this->render('create',array(
			'model'=>$model,
		));
	}

	/**
	 * Updates a particular model.
	 * If update is successful, the browser will be redirected to the 'view' page.
	 * @param integer $id the ID of the model to be updated
	 */
	public function actionUpdate($id)
	{
		$model=$this->loadModel($id);
		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['User']))
		{
			$model->attributes=$_POST['User'];
			if (md5($model->password_old) == $model->password) {
				$model->password = md5($model->password_new);
				$model->password_repeat = md5($model->password_new);
			}
			if($model->save())
				$this->redirect(array('view','id'=>$model->id));
		}

		$this->render('update',array(
			'model'=>$model,
		));
	}

	/**
	 * Deletes a particular model.
	 * If deletion is successful, the browser will be redirected to the 'admin' page.
	 * @param integer $id the ID of the model to be deleted
	 */
	public function actionDelete($id)
	{
		$this->loadModel($id)->delete();

		// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
		if(!isset($_GET['ajax']))
			$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
	}

	/**
	 * Lists all models.
	 */
	public function actionIndex()
	{
		$dataProvider=new CActiveDataProvider('User');
		$this->render('index',array(
			'dataProvider'=>$dataProvider,
		));
	}

	/**
	 * Manages all models.
	 */
	public function actionAdmin()
	{
		$model=new User('search');
		$model->unsetAttributes();  // clear any default values
		if(isset($_GET['User']))
			$model->attributes=$_GET['User'];

		$this->render('admin',array(
			'model'=>$model,
		));
	}

	public function actionLogin()
	{
		$model=new LoginForm;
		if(Yii::app()->user->isGuest) {
			// if it is ajax validation request
			if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
			{
				echo CActiveForm::validate($model);
				Yii::app()->end();
			}

			// collect user input data
			if(isset($_POST['LoginForm']))
			{
				$model->attributes=$_POST['LoginForm'];
				$model->password = md5($model->password);
				// validate user input and redirect to the previous page if valid
				if($model->validate() && $model->login())
					// $this->redirect(Yii::app()->user->returnUrl);
					$this->redirect('http://localhost/thanhshop/index.php/product/index');
			}
			// display the login form
		} else {
			// $this->redirect('http://localhost/izumi/index.php');
			$this->redirect(Yii::app()->homeUrl);
		}
		$this->render('login',array('model'=>$model));
	}

	/**
	 * Logs out the current user and redirect to homepage.
	 */
	public function actionLogout()
	{
		Yii::app()->user->logout();
		$this->redirect(Yii::app()->homeUrl);
	}

	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * @param integer $id the ID of the model to be loaded
	 * @return User the loaded model
	 * @throws CHttpException
	 */
	public function loadModel($id)
	{
		$model=User::model()->findByPk($id);
		if($model===null)
			throw new CHttpException(404,'The requested page does not exist.');
		return $model;
	}

	/**
	 * Performs the AJAX validation.
	 * @param User $model the model to be validated
	 */
	protected function performAjaxValidation($model)
	{
		if(isset($_POST['ajax']) && $_POST['ajax']==='user-form')
		{
			echo CActiveForm::validate($model);
			Yii::app()->end();
		}
	}
}
